Advanced NMap Techniques - Hak5 2415

Can we have a Viss segment on the show?
Like metasploit minute and linux terminal?
Hell, why not extend it to other pen testers and have them talk about their methods and experiences

Please feature more folks like Viss on your show! Not only did we learn great technical skills but also got an insight into how these skills can be used and have been used in real-world situations. Got a lot from this one episode!

Once you've done the sweeps then you can do the bleeps and the creeps. ;)

"This is a laptop..."
"Oh wow."

Hell yeah! Keep bringing back Viss! Love that dude's talks

this guys a legend! very good at explaining what hes on about

Finally I found out why my web is so slow here in Shenzhen, China . You were scanning me . Lol . Learn a lot from you guys . 👍

xargs is probably my favorite cmdline tool :D but word of advice, first always run your xarged command with an echo first to make sure you set it up right :D

So only ipv4 was being scanned? What about ipv6 addresses?

So... Cutting is brutal, but I know Viss have a bit of a overload of info to burp ;).

Ohhhh boy...10 to 2 is 4 hours:)

nice video, thanks for the tips. Just as a hint, grep has a feature that can exclude it from the results, using, for example "grep [n]map", instead of "grep nmap | grep -v grep". Cheers

from 10 to 14 are 4 hour dude, the count doesn't start from zero when we are in the time domain :) :) :)

when he asked if she was familiar with syn/ack handshake hahaha she looked like she died inside. 🤣

"I also have problems with reading comprehension."

Can viss become a host ? He is legend

Viss: Master of FPV drones, tinywhooping, Shodan, and destroying things with LAZERS

You guys have great on-screen chemistry. More Viss + Shannon shows please! The content of these shows is fantastic, too. :)

Eternal blue almost get me caught by the feds.

Which one is the most reliable tool to scan for rdp(3389)? zmap, masscan, nmap or anything else?

I wish Shannon wouldn’t say “of course” so often. It doesn’t add much to the show, belittles the audience, and makes the guest sound like they’re stating the obvious. Dan is my hero, and he’s very good at explaining things too.

I wonder exactly what viss said that required a post production edit 38:31 maybe a "TMI" moment or a slip of the tongue? Trust your techno edit

You are not serious...Big dislike.

Arh.... those dumb comments with fake expression in the background are terribly annoying.

Hmm, and where is the advanced NMap technique then? I'm half through the video and see just a bit of half-decent scripting, some applyance for the "useless-use-of-cat-award" but no real ground-breaking news or tricks or nifty stuff. Sorry to say that, but that was really disappointing.

Hey Shannon, how about a segment on machine learning applied to penetration testing? I am thinking of finding patterns in traffic analysis perhaps

10-2=5 hours? off by one error.

Good for you that we not switched to IPv6 :P Thank you Hak5!

Vissago Thank you for making Shodan.
I'm working on a Kodi Plug-In (next step: screen saver) that let's one channel surf through random IP cams and Shodan has been incredibly useful for building a list of them that are online. What's a good way to make the plug-in scale? I'm worried about too many people connecting to the same camera or using the plug-in to "scrape" my API (rate-limiting already implemented but not tested with more than a few machines).
Also, AWS does not seem like the place to put a REST API that is suggesting people access IP Cams that aren't theirs. Who might be okay with this?

Viss - explains things 100 miles an hour, yet still engaging and comprehensive. Legend !

?? Dean Cain is a Hacker ??

36:43 *This got sexual very quickly, what's going on? Lol.*

AWESOME video, learning so much

Very useful video, high level of giving knowledges. Do more vids, please, in this way.

lmao the motion fx in this episode crack me up hahaha

She is adorable but the comments "wow" etc all.the time distract me a bit

Viss has been the man for a while haha.

Smart Guy.

Her superfluous comments and expressions are so annoying..

There's something I don't get. He said he's scanning hosts for Ethernablue, but how it is possible to scan host behind a public IP ? Is there weakness about NAT/PAT or firewalls ? Is there a way to find private IP behind a router ?
Asking for documentation ofc, I won't learn it through a YT comment

keep hakin :)

17:04 "So why do you wanna that a 256 as opposed to 128?“
Because - oh wow - to scan each /24 chunk in one go Dan must tell nmap to work on 256 IPs at once instead of 128, as he explained earlier?
"Yeah wow. OK. Of course. Ooohhh cool". (😲🤔🤯)

29:19
Viss: So, the idea here is, this is gonna tell us what's up and what's not up, and then what we can do is, we can take that last
script that we were using, and we can incorporate one into the other and say well, when we get the results of this, ...
Shannon: ItS sO bEaUtIfUl!
Viss: ... well it gets more interesting, check it out...
Shannon: It LoOkS lIkE a UnIcOrN!
​
Shannon Morse -- Video Host. Speaker.

what she don't know about screen. this shows you never worked as a sys admin

Would i have been better to use "parallel" instead of "xargs' unless you're backgrounding them all which isn't ideal. Using"parallel" will run all of the commands at the same time and track them.

Cool scripting in the video! But probably a more fitting title would be "techniques to scale nmap" or something alike. ("Scaling nmap to 100mbit"?)

my left ear really loved this episode

what if you can make a bomb instead of flamethrower

amazing, this could be probably one of the biggest information that i have ever been given. we need such playlist more and more in upcoming days. i hope i made you understand the things that i wanted to make you understand. we need such techniques more and more in upcoming days.

Starts in 9:03. Thx me via Like!! Jejeje

I'm in love this woman wow is beautiful, waw she just says wow kkkkkkkkkk.. Come to Portugal goooooo wow

All cool stuff, but the thing that impressed me the most, was his ability to spell parallellelism.

How about randomly scanning 200 million IP addresses using something like the bubble sort algorithm to find live hosts? You might find a larger number of live hosts in a limited amount of time (you would not want to scan all of the 200 million hosts just find a large number of live hosts). A sequential search may not be ideal for efficiently finding live IP nodes.

I scan windows 10 with all its options and gives all the ports are filtered, you can help me

Let me guess, the 50 VMs doing portscans are going to be located on servers in India when scanning ports in China, since the two countries don't cooperate that much :)

i know this is irrelivant but i saw the ad "cleanmymac" ad on pornhub cant be that reliable...

He had a lower Hitler mustache

looking a this I'm getting some ideas on how to get my friends internet down :))

So hacking the hold internet on port 445 really take forever literally

I Wonder how many times they have to route the packages to get to the destination. Nmap has a built in function for scanning the subnet.

Every time I watch these, I get the impression that Snubs is completely clueless as to what her guests are talking about. Lol.

Viss : *talks*
Girl : *oh wow*

Great gold reference

Does the thumbnail for this video keep changing ?

isn't that how wanncry works it's scanns IPs and use eternalblue ??

33:58 What is a SIM (sp?)

I have no idea what is going on. What's a good series of videos to begin to understand this

Hey Shannon and team, what's the guest's name in this video?

If you're going to do jump cuts, maybe the animated screen in the back that makes it blatantly and distractingly obvious might need to be reconsidered. Small nitpick, I know, and I mean nothing but friendly advice, so please don't take me wrong! Just my observation

one of the best videos I have ever seen

An episode about analyzing information gathered through nmap and osint tools like spiderfoot or the harvester with elasticsearch (or any big data analysis tool) would be really interesting as all of them just provide a just small piece of information which becomes meaningful when it is integrated with the one found by the other programs used

love the name of the mounted drive on viss' desktop

Awesome video need moar Viss!

Not used to watching Viss without the doc anymore...

@vissago I wonder what tools are in your tools directory besides ipscan

Oh that's not going to tempt us down a rabbit hole, NOT AT ALL =0P

neeeeeeeeerrrrrrrrrrrrrrrrd

Awesome!! This will help greatly with work!

skip to 9 mins in when it gets interesting.

Tour Con? TOR Con? I'd love to watch the VNC scan talk.

28 mins in and i still dont know wtf hees doing

This is why I love hak5. Gurus showing real stuff.

Can you send me link to the machine you are referring?

This guy knows so much, keep him on the show more often please

I love Viss!

scanning china sounds fun

do this in java hhahaha you can't

Heyyyyy....tentacle boooooiiiii.

Skip to 9:24 to start the demo

oh wow, that makes sense, lol

IPv6 is part of the internet.

He's talented. Fun to watch.

Bro in my vmware kalilinux does not show its wifi Option it shows only wire connection
how to solve it

Why not use gnu parallel?

I like dan, let's see more dan.

Greatest video.

xargs is amaaaaaaaazing!

Well I have recently got 50 MBPS Plan RIP internet

Best nmap video ever♥️😍

is he using some 3rd party terminal on Mac?